SUSE-SU-2018:0285-1: moderate: Security update for SUSE Manager Server 3.0
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Tue Jan 30 07:12:03 MST 2018
SUSE Security Update: Security update for SUSE Manager Server 3.0
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:0285-1
Rating: moderate
References: #1015956 #1041993 #1045141 #1052283 #1055296
#1058110 #1060182 #1061273 #1061574 #1062936
#1063419 #1063588 #1063759 #1063891 #1063940
#1064393 #1065259 #1065676 #1065844 #1066404
#1066663 #1066819 #1066923 #1068032 #1068057
#1069615 #1069943 #1070372 #1070597 #1071314
#1071367 #1071553 #1073713 #1073739 #1074508
#1075044 #1076622 #970630 #979633
Cross-References: CVE-2017-5715 CVE-2017-5753 CVE-2017-5754
Affected Products:
SUSE Manager Server 3.0
______________________________________________________________________________
An update that solves three vulnerabilities and has 36
fixes is now available.
Description:
This update fixes the following issues:
!!!NOTE: For PostgreSQL, schema migrations could take a long time (hours),
depending on the number of synced !!! !!!packages and number of rows
which requires cleanup. Please refer to the release notes for more
information.!!!
nutch:
- Fix log hadoop into proper directory. (bsc#1061574)
osad:
- Fixed TypeError for force flag in setup_config that could happen when
jabberd restart was needed. (bsc#1064393)
pxe-default-image:
- Spectre and Meltdown mitigation. (CVE-2017-5753, CVE-2017-5715,
CVE-2017-5754, bsc#1068032)
spacecmd:
- Added custom JSON encoder in order to parse date fields correctly.
(bsc#1070372)
spacewalk-backend:
- Fix restore hostname and ip*addr in templated documents. (bsc#1075044)
- Fix directory name in spacewalk-data-fsck.
- RhnServerNetwork refactoring. (bsc#1063419)
spacewalk-branding:
- Fix message about package profile synchronization. (bsc#1073739)
- Fix naming of the Tools channel. (bsc#979633)
spacewalk-client-tools:
- Fix package sources.
spacewalk-java:
- Fix message about package profile synchronization. (bsc#1073739)
- Add VM state as info gathered from VMware. (bsc#1063759)
- Improve performance of token checking, when RPMs or metadata are
downloaded from minions. (bsc#1061273)
- Fix action names and date formatting in system event history.
(bsc#1073713)
- Fix incorrect 'os-release' report after SP migration. (bsc#1071553)
- Fix failed package installation when in RES 32 and 64 bit packages are
installed together. (bsc#1071314)
- Add user preferences in order to change items-per-page. (bsc#1055296)
- Display messages about wrong input more end-user friendly. (bsc#1015956)
- Fix content refresh when product keys change. (bsc#1069943)
- Allow 'Package List Refresh' when package architecture has changed.
(bsc#1065259)
- Support Open Enterprise Server 2018. (bsc#1060182)
- Do not remove virtual instances for registered systems. (bsc#1063759)
- Process right configfile on 'scheduleFileComparisons' API calls.
(bsc#1066663)
- Fix reported UUIDs for guests instances within a virtual host.
(bsc#1063759)
- Generate Order Items for OEM subscriptions. (bsc#1045141)
- Enable 'Power Management' features on Salt minions.
- Fail gracefully when GPG files are requested. (bsc#1065676)
- Improve messaging for "Compare Packages". (bsc#1065844)
- RhnServerNetwork refactoring. (bsc#1063419)
- Add Adelaide timezone to selectable timezones. (bsc#1063891)
spacewalk-reports:
- More rhnServerNetwork refactoring. (bsc#1063419)
spacewalk-search:
- RhnServerNetwork refactoring. (bsc#1063419)
spacewalk-web:
- Add user preferences in order to change items-per-page. (bsc#1055296)
susemanager:
- Support Open Enterprise Server 2018. (bsc#1060182)
- Fixed bootstrap repository path for SLES4SAP version 12 and 12.1.
(bsc#1062936)
- Fix error message for database upgrade failure.
- Check for sufficient diskspace in /var/lib/pgsql.
- Notify admin that database backups need reconfiguration after db upgrade.
susemanager-docs_en:
- Update text and image files:
- List Open Enterprise Server 2015, 2015 SP1, 2018 as supported clients.
susemanager-schema:
- Fix hostname schema upgrade. (bsc#1076622)
- Fix duplicate entries in channel listings.
- Handle nevra not found case while fixing duplicate evr ids. (bsc#1074508)
- Enable 'Power Management' features on Salt minions.
- Fix unique index for evr and capability and remove duplicates during
migration. (bsc#1058110)
- RhnServerNetwork refactoring. (bsc#1063419)
- Add Adelaide timezone to selectable timezones. (bsc#1063891)
susemanager-sls:
- Python3 compatibility fixes in modules and states.
- Fix failing certs state for Tumbleweed. (bsc#970630)
- Fix deprecated SLS files to avoid deprecation warnings during highstate.
(bsc#1041993)
susemanager-sync-data:
- Support Open Enterprise Server 2018. (bsc#1060182)
- Fix description for HA channel. (bsc#1063588)
- Add support for CAASP. (bsc#1052283)
- Add IBM DLPAR channels to SLES for SAP SPx ppc64le. (bsc#1068057)
- Remove Certification Module 12 from SP2 and SP3. (bsc#1066819)
- Add SUSE Manager Server 3.0 and 3.1 channels for mirroring.
- Support SLE-RT 12 SP3. (bsc#1063940)
- Add SLE12 LTSS as extension to SLES for SAP 12. (bsc#1069615)
- Remove OES2018 Debuginfo channels. (bsc#1071367)
virtual-host-gatherer:
- Add VM state as info gathered from VMware. (bsc#1063759)
- Explore the entire tree of nodes from VMware. (bsc#1070597)
- Skip safely VMs which have no config attribute on VMware. (bsc#1066923)
How to apply this update: 1. Log in as root user to the SUSE Manager
server. 2. Stop the Spacewalk service: spacewalk-service stop 3. Apply the
patch using either zypper patch or YaST Online Update. 4. Upgrade the
database schema: spacewalk-schema-upgrade 5. Start the Spacewalk service:
spacewalk-service start
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Manager Server 3.0:
zypper in -t patch SUSE-SUSE-Manager-Server-3.0-2018-204=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Manager Server 3.0 (s390x x86_64):
spacewalk-branding-2.5.2.16-16.9.1
susemanager-3.0.25-25.9.1
susemanager-tools-3.0.25-25.9.1
- SUSE Manager Server 3.0 (noarch):
nutch-1.0-0.9.8.1
osa-common-5.11.64.4-4.3.1
osa-dispatcher-5.11.64.4-4.3.1
pxe-default-image-3.0-0.14.3.6
pxe-default-image-debugsource-3.0-0.14.3.6
spacecmd-2.5.5.10-16.12.1
spacewalk-backend-2.5.24.15-26.14.1
spacewalk-backend-app-2.5.24.15-26.14.1
spacewalk-backend-applet-2.5.24.15-26.14.1
spacewalk-backend-config-files-2.5.24.15-26.14.1
spacewalk-backend-config-files-common-2.5.24.15-26.14.1
spacewalk-backend-config-files-tool-2.5.24.15-26.14.1
spacewalk-backend-iss-2.5.24.15-26.14.1
spacewalk-backend-iss-export-2.5.24.15-26.14.1
spacewalk-backend-libs-2.5.24.15-26.14.1
spacewalk-backend-package-push-server-2.5.24.15-26.14.1
spacewalk-backend-server-2.5.24.15-26.14.1
spacewalk-backend-sql-2.5.24.15-26.14.1
spacewalk-backend-sql-oracle-2.5.24.15-26.14.1
spacewalk-backend-sql-postgresql-2.5.24.15-26.14.1
spacewalk-backend-tools-2.5.24.15-26.14.1
spacewalk-backend-xml-export-libs-2.5.24.15-26.14.1
spacewalk-backend-xmlrpc-2.5.24.15-26.14.1
spacewalk-base-2.5.7.20-25.12.1
spacewalk-base-minimal-2.5.7.20-25.12.1
spacewalk-base-minimal-config-2.5.7.20-25.12.1
spacewalk-client-tools-2.5.13.9-18.3.3
spacewalk-html-2.5.7.20-25.12.1
spacewalk-java-2.5.59.19-27.12.3
spacewalk-java-config-2.5.59.19-27.12.3
spacewalk-java-lib-2.5.59.19-27.12.3
spacewalk-java-oracle-2.5.59.19-27.12.3
spacewalk-java-postgresql-2.5.59.19-27.12.3
spacewalk-reports-2.5.1.4-4.6.1
spacewalk-search-2.5.2.4-4.6.1
spacewalk-taskomatic-2.5.59.19-27.12.3
susemanager-advanced-topics_en-pdf-3-25.11.3
susemanager-best-practices_en-pdf-3-25.11.3
susemanager-docs_en-3-25.11.3
susemanager-getting-started_en-pdf-3-25.11.3
susemanager-jsp_en-3-25.11.3
susemanager-reference_en-pdf-3-25.11.3
susemanager-schema-3.0.24-25.11.1
susemanager-sls-0.1.25-27.12.1
susemanager-sync-data-3.0.19-28.6.1
virtual-host-gatherer-1.0.16-7.6.1
virtual-host-gatherer-VMware-1.0.16-7.6.1
References:
https://www.suse.com/security/cve/CVE-2017-5715.html
https://www.suse.com/security/cve/CVE-2017-5753.html
https://www.suse.com/security/cve/CVE-2017-5754.html
https://bugzilla.suse.com/1015956
https://bugzilla.suse.com/1041993
https://bugzilla.suse.com/1045141
https://bugzilla.suse.com/1052283
https://bugzilla.suse.com/1055296
https://bugzilla.suse.com/1058110
https://bugzilla.suse.com/1060182
https://bugzilla.suse.com/1061273
https://bugzilla.suse.com/1061574
https://bugzilla.suse.com/1062936
https://bugzilla.suse.com/1063419
https://bugzilla.suse.com/1063588
https://bugzilla.suse.com/1063759
https://bugzilla.suse.com/1063891
https://bugzilla.suse.com/1063940
https://bugzilla.suse.com/1064393
https://bugzilla.suse.com/1065259
https://bugzilla.suse.com/1065676
https://bugzilla.suse.com/1065844
https://bugzilla.suse.com/1066404
https://bugzilla.suse.com/1066663
https://bugzilla.suse.com/1066819
https://bugzilla.suse.com/1066923
https://bugzilla.suse.com/1068032
https://bugzilla.suse.com/1068057
https://bugzilla.suse.com/1069615
https://bugzilla.suse.com/1069943
https://bugzilla.suse.com/1070372
https://bugzilla.suse.com/1070597
https://bugzilla.suse.com/1071314
https://bugzilla.suse.com/1071367
https://bugzilla.suse.com/1071553
https://bugzilla.suse.com/1073713
https://bugzilla.suse.com/1073739
https://bugzilla.suse.com/1074508
https://bugzilla.suse.com/1075044
https://bugzilla.suse.com/1076622
https://bugzilla.suse.com/970630
https://bugzilla.suse.com/979633
More information about the sle-security-updates
mailing list